Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\71e0000.dll.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\71e0000.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\71e0000.dll.dll,#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\71e0000.dll.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F9697B0000
|
heap
|
page read and write
|
||
|
1EA5EA70000
|
heap
|
page read and write
|
||
|
2F969A60000
|
heap
|
page read and write
|
||
|
2F969A41000
|
heap
|
page read and write
|
||
|
1E8B2AA0000
|
trusted library allocation
|
page read and write
|
||
|
29090E00000
|
heap
|
page read and write
|
||
|
16561A20000
|
heap
|
page read and write
|
||
|
1CE78C90000
|
heap
|
page read and write
|
||
|
53A4CFF000
|
stack
|
page read and write
|
||
|
165621B0000
|
remote allocation
|
page read and write
|
||
|
29453F60000
|
heap
|
page read and write
|
||
|
1E8B1C90000
|
heap
|
page read and write
|
||
|
1EA5F332000
|
heap
|
page read and write
|
||
|
1F812AD0000
|
trusted library allocation
|
page read and write
|
||
|
1CE78CF0000
|
heap
|
page read and write
|
||
|
1E8B1C70000
|
heap
|
page read and write
|
||
|
1E8B1D4D000
|
heap
|
page read and write
|
||
|
29090D90000
|
trusted library allocation
|
page read and write
|
||
|
2F969A13000
|
heap
|
page read and write
|
||
|
29090E65000
|
heap
|
page read and write
|
||
|
2F969A32000
|
heap
|
page read and write
|
||
|
29091827000
|
heap
|
page read and write
|
||
|
1EA5E980000
|
heap
|
page read and write
|
||
|
1B23C340000
|
heap
|
page read and write
|
||
|
16561C02000
|
heap
|
page read and write
|
||
|
29091754000
|
heap
|
page read and write
|
||
|
2F969A7C000
|
heap
|
page read and write
|
||
|
29454047000
|
heap
|
page read and write
|
||
|
1E8B2A80000
|
trusted library allocation
|
page read and write
|
||
|
2F969A57000
|
heap
|
page read and write
|
||
|
1EA5EA00000
|
heap
|
page read and write
|
||
|
158C3D50000
|
heap
|
page read and write
|
||
|
1B23C502000
|
heap
|
page read and write
|
||
|
1EA5EAE2000
|
heap
|
page read and write
|
||
|
1B23C413000
|
heap
|
page read and write
|
||
|
1CE78F13000
|
heap
|
page read and write
|
||
|
11DAFFB000
|
stack
|
page read and write
|
||
|
FEB472E000
|
stack
|
page read and write
|
||
|
1CE7AA40000
|
trusted library allocation
|
page read and write
|
||
|
BC118FB000
|
stack
|
page read and write
|
||
|
158C3B3D000
|
heap
|
page read and write
|
||
|
2F969A78000
|
heap
|
page read and write
|
||
|
3994F7F000
|
stack
|
page read and write
|
||
|
1AC6C813000
|
heap
|
page read and write
|
||
|
16561C29000
|
heap
|
page read and write
|
||
|
158C3B39000
|
heap
|
page read and write
|
||
|
12A1BFE000
|
stack
|
page read and write
|
||
|
FEE647F000
|
stack
|
page read and write
|
||
|
158C3B10000
|
heap
|
page read and write
|
||
|
2F969A62000
|
heap
|
page read and write
|
||
|
BC11B79000
|
stack
|
page read and write
|
||
|
2F969A6C000
|
heap
|
page read and write
|
||
|
1CE78E59000
|
heap
|
page read and write
|
||
|
1B23C400000
|
heap
|
page read and write
|
||
|
1AC6C867000
|
heap
|
page read and write
|
||
|
11DAEFB000
|
stack
|
page read and write
|
||
|
1EA5E920000
|
heap
|
page read and write
|
||
|
1E8B2870000
|
trusted library allocation
|
page read and write
|
||
|
158C6D13000
|
heap
|
page read and write
|
||
|
1B23C330000
|
heap
|
page read and write
|
||
|
1E8B2B00000
|
trusted library allocation
|
page read and write
|
||
|
29090E8C000
|
heap
|
page read and write
|
||
|
1B23CC02000
|
trusted library allocation
|
page read and write
|
||
|
1E8B2AB0000
|
trusted library allocation
|
page read and write
|
||
|
1E8B1D45000
|
heap
|
page read and write
|
||
|
BC120FF000
|
stack
|
page read and write
|
||
|
1F80F902000
|
heap
|
page read and write
|
||
|
16561C57000
|
heap
|
page read and write
|
||
|
29454029000
|
heap
|
page read and write
|
||
|
3ACA5FD000
|
stack
|
page read and write
|
||
|
1AC6C877000
|
heap
|
page read and write
|
||
|
2F9697C0000
|
heap
|
page read and write
|
||
|
1CE78E58000
|
heap
|
page read and write
|
||
|
3ACA579000
|
stack
|
page read and write
|
||
|
5A9DCFF000
|
stack
|
page read and write
|
||
|
12A15FC000
|
stack
|
page read and write
|
||
|
29453F70000
|
heap
|
page read and write
|
||
|
335887F000
|
stack
|
page read and write
|
||
|
FEB46AC000
|
stack
|
page read and write
|
||
|
399517E000
|
stack
|
page read and write
|
||
|
1EA5EB02000
|
heap
|
page read and write
|
||
|
29090E90000
|
heap
|
page read and write
|
||
|
53A498B000
|
stack
|
page read and write
|
||
|
BC11E7F000
|
stack
|
page read and write
|
||
|
290917B0000
|
heap
|
page read and write
|
||
|
2F969A00000
|
heap
|
page read and write
|
||
|
158C3B2E000
|
heap
|
page read and write
|
||
|
165619B0000
|
heap
|
page read and write
|
||
|
1F80F8FE000
|
heap
|
page read and write
|
||
|
1CE7A7E0000
|
remote allocation
|
page read and write
|
||
|
5A9D9FC000
|
stack
|
page read and write
|
||
|
2F969A5A000
|
heap
|
page read and write
|
||
|
158C3A40000
|
heap
|
page read and write
|
||
|
5A9DDFD000
|
stack
|
page read and write
|
||
|
158C3B18000
|
heap
|
page read and write
|
||
|
1EA5EA89000
|
heap
|
page read and write
|
||
|
29090E2F000
|
heap
|
page read and write
|
||
|
1EA5EA13000
|
heap
|
page read and write
|
||
|
1AC6C800000
|
heap
|
page read and write
|
||
|
3ACA4FE000
|
stack
|
page read and write
|
||
|
158C3B4E000
|
heap
|
page read and write
|
||
|
16561C13000
|
heap
|
page read and write
|
||
|
1F80F90A000
|
heap
|
page read and write
|
||
|
1CE78E59000
|
heap
|
page read and write
|
||
|
2F969A45000
|
heap
|
page read and write
|
||
|
33582FC000
|
stack
|
page read and write
|
||
|
158C3B2A000
|
heap
|
page read and write
|
||
|
12A127B000
|
stack
|
page read and write
|
||
|
1CE78E00000
|
heap
|
page read and write
|
||
|
1B23C46B000
|
heap
|
page read and write
|
||
|
1AC6C868000
|
heap
|
page read and write
|
||
|
1F80F8FE000
|
heap
|
page read and write
|
||
|
29454013000
|
heap
|
page read and write
|
||
|
1CE78E13000
|
heap
|
page read and write
|
||
|
1B23C440000
|
heap
|
page read and write
|
||
|
1B23C513000
|
heap
|
page read and write
|
||
|
383C71E000
|
stack
|
page read and write
|
||
|
1B23C500000
|
heap
|
page read and write
|
||
|
1EA5E910000
|
heap
|
page read and write
|
||
|
1F80F8EB000
|
heap
|
page read and write
|
||
|
1EA5EA51000
|
heap
|
page read and write
|
||
|
29090E43000
|
heap
|
page read and write
|
||
|
5A9DE7E000
|
stack
|
page read and write
|
||
|
1B23C429000
|
heap
|
page read and write
|
||
|
165621B0000
|
remote allocation
|
page read and write
|
||
|
2945403C000
|
heap
|
page read and write
|
||
|
1CE78E3D000
|
heap
|
page read and write
|
||
|
1AC6C670000
|
heap
|
page read and write
|
||
|
2F969A3D000
|
heap
|
page read and write
|
||
|
1CE78F00000
|
heap
|
page read and write
|
||
|
2945402E000
|
heap
|
page read and write
|
||
|
33583FD000
|
stack
|
page read and write
|
||
|
158C3AD0000
|
heap
|
page read and write
|
||
|
1CE78E4E000
|
heap
|
page read and write
|
||
|
1F80F6AB000
|
heap
|
page read and write
|
||
|
29091802000
|
heap
|
page read and write
|
||
|
1AC6C902000
|
heap
|
page read and write
|
||
|
158C3B27000
|
heap
|
page read and write
|
||
|
BF68B2D000
|
stack
|
page read and write
|
||
|
1E8B1D4D000
|
heap
|
page read and write
|
||
|
158C3B42000
|
heap
|
page read and write
|
||
|
1F80F8E0000
|
heap
|
page read and write
|
||
|
231F5AF3000
|
heap
|
page read and write
|
||
|
290917BE000
|
heap
|
page read and write
|
||
|
1F80F7F0000
|
heap
|
page read and write
|
||
|
29453FC0000
|
heap
|
page read and write
|
||
|
1E8B2000000
|
trusted library allocation
|
page read and write
|
||
|
335857D000
|
stack
|
page read and write
|
||
|
2F969A29000
|
heap
|
page read and write
|
||
|
1CE7A7B0000
|
trusted library allocation
|
page read and write
|
||
|
12A19FF000
|
stack
|
page read and write
|
||
|
12A1AFF000
|
stack
|
page read and write
|
||
|
1E8B1FF9000
|
heap
|
page read and write
|
||
|
53A4C7E000
|
stack
|
page read and write
|
||
|
399527C000
|
stack
|
page read and write
|
||
|
1F80F903000
|
heap
|
page read and write
|
||
|
165619C0000
|
heap
|
page read and write
|
||
|
290917C7000
|
heap
|
page read and write
|
||
|
1EA5EA2A000
|
heap
|
page read and write
|
||
|
158C3D55000
|
heap
|
page read and write
|
||
|
1AC6C913000
|
heap
|
page read and write
|
||
|
29091602000
|
heap
|
page read and write
|
||
|
1CE78E02000
|
heap
|
page read and write
|
||
|
11DB0FB000
|
stack
|
page read and write
|
||
|
3357FFC000
|
stack
|
page read and write
|
||
|
1E8B1B30000
|
heap
|
page read and write
|
||
|
29091813000
|
heap
|
page read and write
|
||
|
2F969820000
|
heap
|
page read and write
|
||
|
29090E22000
|
heap
|
page read and write
|
||
|
1EA5EA67000
|
heap
|
page read and write
|
||
|
1F80F90A000
|
heap
|
page read and write
|
||
|
12A147B000
|
stack
|
page read and write
|
||
|
1CE7AA00000
|
trusted library allocation
|
page read and write
|
||
|
16561D02000
|
heap
|
page read and write
|
||
|
16562202000
|
trusted library allocation
|
page read and write
|
||
|
158C3B33000
|
heap
|
page read and write
|
||
|
2F969A68000
|
heap
|
page read and write
|
||
|
2F969A48000
|
heap
|
page read and write
|
||
|
158C3A60000
|
heap
|
page read and write
|
||
|
29454802000
|
trusted library allocation
|
page read and write
|
||
|
2F969A63000
|
heap
|
page read and write
|
||
|
29090E59000
|
heap
|
page read and write
|
||
|
158C3B56000
|
heap
|
page read and write
|
||
|
2F969A42000
|
heap
|
page read and write
|
||
|
3ACA479000
|
stack
|
page read and write
|
||
|
1CE78F18000
|
heap
|
page read and write
|
||
|
335847B000
|
stack
|
page read and write
|
||
|
29090F13000
|
heap
|
page read and write
|
||
|
158C3B2A000
|
heap
|
page read and write
|
||
|
2F969A58000
|
heap
|
page read and write
|
||
|
1F80F870000
|
heap
|
page read and write
|
||
|
29091722000
|
heap
|
page read and write
|
||
|
1CE7A7E0000
|
remote allocation
|
page read and write
|
||
|
29091702000
|
heap
|
page read and write
|
||
|
1AC6C870000
|
heap
|
page read and write
|
||
|
29090E6C000
|
heap
|
page read and write
|
||
|
1AC6C85A000
|
heap
|
page read and write
|
||
|
29454052000
|
heap
|
page read and write
|
||
|
1E8B1D67000
|
heap
|
page read and write
|
||
|
399557E000
|
stack
|
page read and write
|
||
|
29091830000
|
heap
|
page read and write
|
||
|
3994DFC000
|
stack
|
page read and write
|
||
|
FEE637A000
|
stack
|
page read and write
|
||
|
2F969A43000
|
heap
|
page read and write
|
||
|
231F5A40000
|
heap
|
page read and write
|
||
|
1E8B2A90000
|
heap
|
page readonly
|
||
|
1EA5EAC5000
|
heap
|
page read and write
|
||
|
BC1148B000
|
stack
|
page read and write
|
||
|
29090CD0000
|
heap
|
page read and write
|
||
|
29454000000
|
heap
|
page read and write
|
||
|
2F969A4E000
|
heap
|
page read and write
|
||
|
12A1DFF000
|
stack
|
page read and write
|
||
|
2F969A6B000
|
heap
|
page read and write
|
||
|
29090E53000
|
heap
|
page read and write
|
||
|
FEE5DDB000
|
stack
|
page read and write
|
||
|
231F5900000
|
heap
|
page read and write
|
||
|
1CE78E9A000
|
heap
|
page read and write
|
||
|
1E8B1FB0000
|
trusted library allocation
|
page read and write
|
||
|
1E8B1D4D000
|
heap
|
page read and write
|
||
|
1F80F8FA000
|
heap
|
page read and write
|
||
|
1EA5EB13000
|
heap
|
page read and write
|
||
|
1F812680000
|
heap
|
page read and write
|
||
|
2F969A3B000
|
heap
|
page read and write
|
||
|
1CE78E68000
|
heap
|
page read and write
|
||
|
16561C3C000
|
heap
|
page read and write
|
||
|
2F96A002000
|
trusted library allocation
|
page read and write
|
||
|
1E8B1D08000
|
heap
|
page read and write
|
||
|
1F80F8F6000
|
heap
|
page read and write
|
||
|
29091722000
|
heap
|
page read and write
|
||
|
1EA5E9B0000
|
trusted library allocation
|
page read and write
|
||
|
29090E6E000
|
heap
|
page read and write
|
||
|
BC119FF000
|
stack
|
page read and write
|
||
|
11DA99C000
|
stack
|
page read and write
|
||
|
1AC6C802000
|
heap
|
page read and write
|
||
|
1B23C3D0000
|
trusted library allocation
|
page read and write
|
||
|
5A9DA7C000
|
stack
|
page read and write
|
||
|
158C6D20000
|
trusted library allocation
|
page read and write
|
||
|
1F80F90F000
|
heap
|
page read and write
|
||
|
29091700000
|
heap
|
page read and write
|
||
|
1CE7A802000
|
trusted library allocation
|
page read and write
|
||
|
FEB4D7F000
|
stack
|
page read and write
|
||
|
1E8B1FF0000
|
heap
|
page read and write
|
||
|
2F969A7B000
|
heap
|
page read and write
|
||
|
1AC6C875000
|
heap
|
page read and write
|
||
|
12A16FF000
|
stack
|
page read and write
|
||
|
1F80F7D0000
|
heap
|
page read and write
|
||
|
29454102000
|
heap
|
page read and write
|
||
|
1AC6C841000
|
heap
|
page read and write
|
||
|
5A9D53C000
|
stack
|
page read and write
|
||
|
5A9DC7D000
|
stack
|
page read and write
|
||
|
29091823000
|
heap
|
page read and write
|
||
|
1B23C479000
|
heap
|
page read and write
|
||
|
29090FE5000
|
heap
|
page read and write
|
||
|
12A1CFF000
|
stack
|
page read and write
|
||
|
2F9699F0000
|
trusted library allocation
|
page read and write
|
||
|
1B23C3A0000
|
heap
|
page read and write
|
||
|
1AC6C610000
|
heap
|
page read and write
|
||
|
1EA5EABC000
|
heap
|
page read and write
|
||
|
1AC6C829000
|
heap
|
page read and write
|
||
|
1CE78C80000
|
heap
|
page read and write
|
||
|
1AC6C854000
|
heap
|
page read and write
|
||
|
2F969A61000
|
heap
|
page read and write
|
||
|
1F812683000
|
heap
|
page read and write
|
||
|
335817E000
|
stack
|
page read and write
|
||
|
1B23C474000
|
heap
|
page read and write
|
||
|
29090CE0000
|
heap
|
page read and write
|
||
|
29090D40000
|
heap
|
page read and write
|
||
|
29090F8C000
|
heap
|
page read and write
|
||
|
1EA5F202000
|
heap
|
page read and write
|
||
|
2F969B02000
|
heap
|
page read and write
|
||
|
1E8B1B40000
|
trusted library allocation
|
page read and write
|
||
|
1F80F902000
|
heap
|
page read and write
|
||
|
16561BF0000
|
trusted library allocation
|
page read and write
|
||
|
158C3D5B000
|
heap
|
page read and write
|
||
|
29091743000
|
heap
|
page read and write
|
||
|
158C3900000
|
heap
|
page read and write
|
||
|
1E8B1FF5000
|
heap
|
page read and write
|
||
|
1E8B1D00000
|
heap
|
page read and write
|
||
|
1F80F902000
|
heap
|
page read and write
|
||
|
1F8132D0000
|
heap
|
page read and write
|
||
|
2F969A85000
|
heap
|
page read and write
|
||
|
1CE7A7E0000
|
remote allocation
|
page read and write
|
||
|
29454043000
|
heap
|
page read and write
|
||
|
1EA5EADF000
|
heap
|
page read and write
|
||
|
335827F000
|
stack
|
page read and write
|
||
|
158C6D10000
|
heap
|
page read and write
|
||
|
1CE78E69000
|
heap
|
page read and write
|
||
|
1B23C451000
|
heap
|
page read and write
|
||
|
2F969A33000
|
heap
|
page read and write
|
||
|
1F80F6A0000
|
heap
|
page read and write
|
||
|
BC11FFF000
|
stack
|
page read and write
|
||
|
12A18FD000
|
stack
|
page read and write
|
||
|
158C3B3D000
|
heap
|
page read and write
|
||
|
1CE78E6E000
|
heap
|
page read and write
|
||
|
1E8B1F90000
|
trusted library allocation
|
page read and write
|
||
|
1E8B1D60000
|
heap
|
page read and write
|
||
|
335867E000
|
stack
|
page read and write
|
||
|
399507E000
|
stack
|
page read and write
|
||
|
1EA5F300000
|
heap
|
page read and write
|
||
|
3ACA3FD000
|
stack
|
page read and write
|
||
|
399537C000
|
stack
|
page read and write
|
||
|
16561C63000
|
heap
|
page read and write
|
||
|
29454037000
|
heap
|
page read and write
|
||
|
2F969A5D000
|
heap
|
page read and write
|
||
|
1EA5EACD000
|
heap
|
page read and write
|
||
|
1E8B1FA0000
|
trusted library allocation
|
page read and write
|
||
|
2F969A5B000
|
heap
|
page read and write
|
||
|
16561C52000
|
heap
|
page read and write
|
||
|
1AC6D002000
|
trusted library allocation
|
page read and write
|
||
|
29091790000
|
heap
|
page read and write
|
||
|
FEB4B7E000
|
stack
|
page read and write
|
||
|
29454002000
|
heap
|
page read and write
|
||
|
29090E3D000
|
heap
|
page read and write
|
||
|
FEE6679000
|
stack
|
page read and write
|
||
|
29091800000
|
heap
|
page read and write
|
||
|
BC11F7F000
|
stack
|
page read and write
|
||
|
1AC6C600000
|
heap
|
page read and write
|
||
|
16561C00000
|
heap
|
page read and write
|
||
|
39949EB000
|
stack
|
page read and write
|
||
|
FEB4E7F000
|
stack
|
page read and write
|
||
|
29090E92000
|
heap
|
page read and write
|
||
|
383C69B000
|
stack
|
page read and write
|
||
|
1F80F8FE000
|
heap
|
page read and write
|
||
|
158C3B2F000
|
heap
|
page read and write
|
||
|
29090E2A000
|
heap
|
page read and write
|
||
|
383C79E000
|
stack
|
page read and write
|
||
|
BC11D7E000
|
stack
|
page read and write
|
||
|
1F80F690000
|
heap
|
page read and write
|
||
|
2F969A46000
|
heap
|
page read and write
|
||
|
335877D000
|
stack
|
page read and write
|
||
|
11DB1FF000
|
stack
|
page read and write
|
||
|
FEB4C7E000
|
stack
|
page read and write
|
||
|
2909176F000
|
heap
|
page read and write
|
||
|
1AC6C770000
|
trusted library allocation
|
page read and write
|
||
|
BC11AFB000
|
stack
|
page read and write
|
||
|
3ACA27B000
|
stack
|
page read and write
|
||
|
1CE78F02000
|
heap
|
page read and write
|
||
|
1B23C402000
|
heap
|
page read and write
|
||
|
231F5AED000
|
heap
|
page read and write
|
||
|
231F5AE0000
|
heap
|
page read and write
|
||
|
BC11C7A000
|
stack
|
page read and write
|
||
|
29090E13000
|
heap
|
page read and write
|
||
|
1CE78F1C000
|
heap
|
page read and write
|
||
|
29090FB9000
|
heap
|
page read and write
|
||
|
1F80F8FA000
|
heap
|
page read and write
|
||
|
1F80F8EE000
|
heap
|
page read and write
|
||
|
1EA5EA85000
|
heap
|
page read and write
|
||
|
2F969A7F000
|
heap
|
page read and write
|
||
|
1CE78E2A000
|
heap
|
page read and write
|
||
|
2F969A6E000
|
heap
|
page read and write
|
||
|
29090D70000
|
trusted library allocation
|
page read and write
|
||
|
29090E93000
|
heap
|
page read and write
|
||
|
1CE78DF0000
|
trusted library allocation
|
page read and write
|
||
|
2F969A59000
|
heap
|
page read and write
|
||
|
158C7520000
|
heap
|
page read and write
|
||
|
3357BDC000
|
stack
|
page read and write
|
||
|
158C3B33000
|
heap
|
page read and write
|
||
|
165621B0000
|
remote allocation
|
page read and write
|
||
|
29453FF0000
|
trusted library allocation
|
page read and write
|
||
|
16561C27000
|
heap
|
page read and write
|
||
|
1F80F6A5000
|
heap
|
page read and write
|
||
|
FEB47AE000
|
stack
|
page read and write
|
||
|
1CE78E69000
|
heap
|
page read and write
|
There are 353 hidden memdumps, click here to show them.